Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2023-50989 |
|
Command Injection in tenda (CVE-2023-50989)
command injection in tenda (CVE-2023-50989). Successful exploitation can lead to full system takeover.
|
| CVE-2023-50985 |
|
Out-of-Bounds Write in tenda (CVE-2023-50985)
out-of-bounds write in tenda (CVE-2023-50985). Successful exploitation can lead to full system takeover.
|
| CVE-2023-50984 |
|
Out-of-Bounds Write in tenda (CVE-2023-50984)
out-of-bounds write in tenda (CVE-2023-50984). Successful exploitation can lead to full system takeover.
|
| CVE-2023-50983 |
|
Command Injection in tenda (CVE-2023-50983)
command injection in tenda (CVE-2023-50983). Successful exploitation can lead to full system takeover.
|
| CVE-2023-50986 |
|
Out-of-Bounds Write in tenda (CVE-2023-50986)
out-of-bounds write in tenda (CVE-2023-50986). Successful exploitation can lead to full system takeover.
|
| CVE-2023-50987 |
|
Out-of-Bounds Write in tenda (CVE-2023-50987)
out-of-bounds write in tenda (CVE-2023-50987). Successful exploitation can lead to full system takeover.
|
| CVE-2023-50918 |
|
app/Controller/AuditLogsController.php in MISP before 2.4.182 mishandles ACLs for audit logs.
app/Controller/AuditLogsController.php in MISP before 2.4.182 mishandles ACLs for audit logs.
|
| CVE-2023-48658 |
|
Vulnerability in misp-project (CVE-2023-48658)
vulnerability in misp-project (CVE-2023-48658). Successful exploitation can lead to full system takeover.
|
| CVE-2023-48657 |
|
An issue was discovered in MISP before 2.4.176. app/Model/AppModel.php mishandles filters.
An issue was discovered in MISP before 2.4.176. app/Model/AppModel.php mishandles filters.
|
| CVE-2023-48656 |
|
An issue was discovered in MISP before 2.4.176. app/Model/AppModel.php mishandles order clauses.
An issue was discovered in MISP before 2.4.176. app/Model/AppModel.php mishandles order clauses.
|
| CVE-2023-48655 |
|
Vulnerability in misp-project (CVE-2023-48655)
vulnerability in misp-project (CVE-2023-48655). Successful exploitation can lead to full system takeover.
|
| CVE-2023-48659 |
|
Vulnerability in misp-project (CVE-2023-48659)
vulnerability in misp-project (CVE-2023-48659). Successful exploitation can lead to full system takeover.
|
| CVE-2023-46958 |
|
Code Injection in lmxcms (CVE-2023-46958)
code injection in lmxcms (CVE-2023-46958). Successful exploitation can lead to full system takeover.
|
| CVE-2023-46010 |
|
Code Injection in seacms (CVE-2023-46010)
code injection in seacms (CVE-2023-46010). Successful exploitation can lead to full system takeover.
|
| CVE-2023-38545 |
|
Out-of-Bounds Write in haxx (CVE-2023-38545)
out-of-bounds write in haxx (CVE-2023-38545). Successful exploitation can lead to full system takeover.
|
| CVE-2023-43234 |
|
Code Injection in dedebiz (CVE-2023-43234)
code injection in dedebiz (CVE-2023-43234). Successful exploitation can lead to full system takeover.
|
| CVE-2023-34576 |
|
SQL Injection in sqli (CVE-2023-34576)
SQL injection in sqli (CVE-2023-34576). Successful exploitation can lead to full system takeover.
|
| CVE-2023-4662 |
|
Vulnerability in adobe (CVE-2023-4662)
vulnerability in adobe (CVE-2023-4662). Successful exploitation can lead to full system takeover.
|
| CVE-2023-4661 |
|
SQL Injection in sqli (CVE-2023-4661)
SQL injection in sqli (CVE-2023-4661). Successful exploitation can lead to full system takeover.
|
| CVE-2023-39809 |
|
Command Injection in nvki (CVE-2023-39809)
command injection in nvki (CVE-2023-39809). Successful exploitation can lead to full system takeover.
|
| CVE-2023-39807 |
|
SQL Injection in sqli (CVE-2023-39807)
SQL injection in sqli (CVE-2023-39807). Successful exploitation can lead to full system takeover.
|
| CVE-2023-39805 |
|
SQL Injection in sqli (CVE-2023-39805)
SQL injection in sqli (CVE-2023-39805). Successful exploitation can lead to full system takeover.
|
| CVE-2023-38954 |
|
ZKTeco BioAccess IVS v3.3.1 was discovered to contain a SQL injection vulnerability.
ZKTeco BioAccess IVS v3.3.1 was discovered to contain a SQL injection vulnerability.
|
| CVE-2023-34842 |
|
Code Injection in dedecms (CVE-2023-34842)
code injection in dedecms (CVE-2023-34842). Successful exploitation can lead to full system takeover.
|
| CVE-2023-37647 |
|
SQL Injection in sqli (CVE-2023-37647)
SQL injection in sqli (CVE-2023-37647). Successful exploitation can lead to full system takeover.
|
| CVE-2023-33150 |
|
Microsoft Office Security Feature Bypass Vulnerability
Microsoft Office Security Feature Bypass Vulnerability
|
| CVE-2023-34832 |
|
Vulnerability in tp-link (CVE-2023-34832)
vulnerability in tp-link (CVE-2023-34832). Successful exploitation can lead to full system takeover.
|
| CVE-2023-34752 |
|
SQL Injection in sqli (CVE-2023-34752)
SQL injection in sqli (CVE-2023-34752). Successful exploitation can lead to full system takeover.
|
| CVE-2023-34944 |
|
Unrestricted File Upload in chamilo (CVE-2023-34944)
vulnerability in chamilo (CVE-2023-34944). Successful exploitation can lead to full system takeover.
|
| CVE-2023-33532 |
|
Command Injection in netgear (CVE-2023-33532)
command injection in netgear (CVE-2023-33532). Successful exploitation can lead to full system takeover.
|
| CVE-2023-30185 |
|
Unrestricted File Upload in crmeb (CVE-2023-30185)
vulnerability in crmeb (CVE-2023-30185). Successful exploitation can lead to full system takeover.
|
| CVE-2023-30242 |
|
SQL Injection in sqli (CVE-2023-30242)
SQL injection in sqli (CVE-2023-30242). Successful exploitation can lead to full system takeover.
|
| CVE-2023-23059 |
|
Vulnerability in geovision (CVE-2023-23059)
vulnerability in geovision (CVE-2023-23059). Successful exploitation can lead to full system takeover.
|
| CVE-2023-28531 |
|
Vulnerability in openbsd (CVE-2023-28531)
vulnerability in openbsd (CVE-2023-28531). Successful exploitation can lead to full system takeover.
|
| CVE-2022-48329 |
|
Vulnerability in misp-project (CVE-2022-48329)
vulnerability in misp-project (CVE-2022-48329). Successful exploitation can lead to full system takeover.
|
| CVE-2022-48328 |
|
Vulnerability in misp-project (CVE-2022-48328)
vulnerability in misp-project (CVE-2022-48328). Successful exploitation can lead to full system takeover.
|
| CVE-2022-45088 |
|
Vulnerability in gruparge (CVE-2022-45088)
vulnerability in gruparge (CVE-2022-45088). Successful exploitation can lead to full system takeover.
|
| CVE-2020-22452 |
|
SQL Injection in sqli (CVE-2020-22452)
SQL injection in sqli (CVE-2020-22452). Successful exploitation can lead to full system takeover.
|
| CVE-2022-46393 |
|
Out-of-Bounds Read in arm (CVE-2022-46393)
vulnerability in arm (CVE-2022-46393). Successful exploitation can lead to full system takeover.
|
| CVE-2022-44290 |
|
SQL Injection in sqli (CVE-2022-44290)
SQL injection in sqli (CVE-2022-44290). Successful exploitation can lead to full system takeover.
|
| CVE-2022-44291 |
|
SQL Injection in sqli (CVE-2022-44291)
SQL injection in sqli (CVE-2022-44291). Successful exploitation can lead to full system takeover.
|
| CVE-2022-44194 |
|
Out-of-Bounds Write in netgear (CVE-2022-44194)
out-of-bounds write in netgear (CVE-2022-44194). Successful exploitation can lead to full system takeover.
|
| CVE-2022-40842 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2022-40842)
SSRF in ssrf (CVE-2022-40842). Confidential information can be exposed externally.
|
| CVE-2022-36180 |
|
Cross-Site Scripting (XSS) in fusiondirectory (CVE-2022-36180)
cross-site scripting in fusiondirectory (CVE-2022-36180). Successful exploitation can lead to full system takeover.
|
| CVE-2022-42122 |
|
SQL Injection in sqli (CVE-2022-42122)
SQL injection in sqli (CVE-2022-42122). Successful exploitation can lead to full system takeover. Exploitable via ``title``.
|
| CVE-2022-42120 |
|
SQL Injection in c (CVE-2022-42120)
SQL injection in c (CVE-2022-42120). Successful exploitation can lead to full system takeover. Exploitable via ``namespace``.
|
| CVE-2022-35156 |
|
SQL Injection in sqli (CVE-2022-35156)
SQL injection in sqli (CVE-2022-35156). Successful exploitation can lead to full system takeover.
|
| CVE-2022-40030 |
|
SQL Injection in sqli (CVE-2022-40030)
SQL injection in sqli (CVE-2022-40030). Successful exploitation can lead to full system takeover.
|
| CVE-2022-36536 |
|
Vulnerability in syncovery (CVE-2022-36536)
vulnerability in syncovery (CVE-2022-36536). Successful exploitation can lead to full system takeover.
|
| CVE-2022-26258 KEV |
|
[KEV] OS Command Injection in D-link dir-820l (CVE-2022-26258)
OS command injection in D-link dir-820l (CVE-2022-26258). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
|